NETWORK SECURITY
Dr. Wayne C. Summers
Associate Professor - Computer Science
ITM - Pusat Pendidikan Persediaan / MUCIA - Indiana University
Section 17, 40200, Shah Alam, Selangor
phone / fax: (03) 541-5846
e-mail: wayne@mucia.itm.my
Abstract: In today's world of rapid expansion and computerization, the
use of computer networks is becoming a necessity. The use of stand-alone computing is quickly
becoming outdated. Computer systems are
more than just hardware and software. As
computers are linked together via computer networks, the data and software
become more vulnerable to disturbance.
This paper will discuss these vulnerabilities as well as provide some
suggestions for overcoming these. The
focus of the paper is on network security.
It will look at ways to provide a secure environment for using computer
networks. Special attention will be
placed on two of the most popular network environments today. With the increased importance being placed on
Open Systems, it is important to understand the security features and potential
inadequacies inherent in the UNIX operating system. The paper will also look at Novell's Netware
and how this software addresses the problems of security. Data is the lifeblood of every
organization. It is important that it be
kept secure. One of the best ways will
be through an increased awareness of the problems of computer and network
security.
Introduction
Over the past several years, mainframe and minicomputers have been
replaced by the computer network. When
mainframe and minicomputers were purchased, they came with many built-in
security features. Although there were
breaches of security, most were controllable.
The computer was generally kept in a limited access room. The number of authorized users was generally
small in number. Sign-on IDs and
passwords were necessary to use the computer system and the amount and type of
usage was logged.
Today as everyone migrates to networks of personal computers, little
attention is being paid to the area of
security. "Few organizations seem
to recognize that part of the cost of IT is its security. As desktop computing becomes an everyday part
of business life so the need for better security measures will
increase.." ".. Because the
cost of computing is falling, many more staff are being given, computing
facilities to perform their daily tasks and yet comparatively few of them are
given training in protecting the data on which they rely."[3]
"The proliferation of DOS workstations and the subsequent increase
in the use of LANs has posed unique threats to the security of information
stored, processed, and communicated on and between computer systems. The demand for secure systems, fed by the
enhanced system technology has out-paced efforts to provide reasonable and
adequate security technology.
Concerted efforts to provide a proper level of security to existing and
new systems is under way, but the lack of standards for LAN security, network
protocols, and network architectures have hampered development efforts."[1] Is the lack of network security a
problem? How can we deal with this
problem? What levels of protection are
necessary and appropriate to ensure
adequate security? This paper addresses
these and other issues.
Definitions
What is computer security?
For some it is controlling access to hardware, software and data of a
computerized system. A large measure of
computer security is simply keeping the computer system's information secure.
In broader terms, computer security can be thought of as the protection of the
computer and its resources against accidental or intentional disclosure of
confidential data, unlawful modification of data or programs, the destruction
of data, software or hardware. It includes the denial of use of one's computer facilities
for criminal activities including computer related fraud and blackmail. Computer security involves the elimination of
weaknesses or vulnerabilities that might be exploited to cause loss or harm.
A computer network is a collection of hardware and software
connected to allow data and information to be transmitted easily from one
computer to another. This usually
includes the sharing of devices and/or data.
A computer network typically contains computers, network interface cards
or modems, communication software and some type of transmission media usually
wire or fiber-optic cable. Local
area networks or LANs, are networks that are limited geographically to a
single site. Most local area networks of
microcomputers employ the "client-server" architecture. Most computers in the network are client
workstations; a few are servers. The
server computers provide various services to the clients. These servers usually include shared disk
storage, shared printers, and shared wide-area-network (WAN) access.
A computerized system for processing information, or an information
system is composed of five major components: hardware, software, data,
people and procedures. To protect our
computer networks, we need effective controls for all five components that will
reduce the system's vulnerabilities.
Why do we need security?
There are many threats to the security of our computers and
networks. These range from data stealing
and diddling to the accidental loss of data.
One U.S. study found that the average data loss to a Fortune 500 company
cost the company over $2 million.
Data Stealing
Data stealing is a serious problem.
Whether the data is modified or not, the interception and illicit use of
data should be a major concern. Data
stealing may be simply removing a diskette with important data. It may involve copying the data from a hard
disk. With the increase of networks, it
may involve downloading the data to a diskette.
Even with the workstations secure, in a computer network, what is to
prevent someone from intercepting a transmission of data via the network?
Data Diddling
One problem often over-looked in network security is the modification of
data or data diddling. This problem is
well known in the large computer environments especially in the banking
industry. Data diddling is hard to
detect and even harder to identify and prove who the culprit is.
Hackers
Hackers are typically young males who are exploring a computer system or
network. Many hacker activities include
modification and theft of data. Other
activities might include snooping through a database or using the computer for
personal use.
Figure 1
Viruses
Certainly the best known problem in computer security today is that of
computer viruses. Anyone who has seen a
computer virus ripple through a computer network in a matter of seconds can
attest to the disaster that is just waiting to happen on most computer
networks. The author saw a computer
network of 51 PCs infected in less than one minute.
Computer viruses are a leading threat to secure computing. There are over 3000 computer viruses and
strains with several new ones developed every day. Over eight million PCs have been hit by
viruses by 1992 with 90% of those infected being reinfected within a short
period. Over 90% of those surveyed in Malaysia have
experienced a computer virus infection [Figure 1]. Almost 74% of those had at least five
infections [Figure 2]. It's also
possible that some of those who claim to have not been infected by viruses, may
have not known how to recognize an infection.
Figure 2
Fortunately in Malaysia, the number of virulent viruses is probably less
than 100. Most of these are relatively
harmless. One reason for so many
occurrences of viruses both here and elsewhere is the widespread copying of
software. Stop the copying and use of
illegal software and the spread of viruses would diminish greatly.
Loss of Data
The biggest cause of data loss is accidental, i.e. "operator
error." This accounts for, by some
estimates, as much as 80% of the reported data loss. Only about 7% of the data lost can be
attributed to computer viruses although this percentage is increasing. The remaining 10% of the data lost can be
attributed to computer crime, environmental causes and bugs in the hardware and
software. Our biggest problem is the
proverbial "oops." Employees
are not paying attention to what they are doing, or are given incomplete
instructions, causing more damage than any outsider can do.
What levels of protection are appropriate?
How much security is enough?
"The more secure you try to make a computer, the more inconvenient
it is to use." [10] We need
"just enough security."
Security is not the only factor in the design of computer systems
especially computer networks. Most users
want a system that is easy to use and flexible.
Users want universal access and the ability to interconnect to a wide
range of resources. There must be
tradeoffs involved.
Orange Book and Red Book Requirements
In the U.S., all government agencies are required by law to protect
sensitive information as a public interest.
The U.S. National Computer Security Center (NCSC) has established
guidelines for evaluating and formally rating security technology. These guidelines are called the Trusted
Computer Systems Evaluation Criteria (The "Orange Book") and the
Trusted Network Interpretation (The "Red Book"). Although many concepts discussed in the
Orange Book are applicable to network environments, the Orange Book doesn't
define what is needed to make a computer network secure. The Orange Book only addresses
single-system security. It also focuses
primarily on the issue of access to the computer system. The Orange Book is mainly concerned with
secrecy (keeping unauthorized users out of a system) and integrity (keeping
data from being lost or changed). It
does not completely discuss two other important aspects of network security,
availability (keeping the system or network working efficiently) and authenticity
(confirming that particular information was sent and received).
The Orange Book guidelines classify systems into four divisions of
enhanced security protection. The NCSC
security criteria range from D - Minimal protection, with no special security
features (For example a PC in an unlocked room) to A1 - Formal proofs are
required. To date, no systems are yet
available that are certified with A1 security.
Between these extremes are the security divisions B and C that are
further divided into five total criteria groups. Most systems with a minimum of security
features comply with the C1 standard that includes a login/password procedure
and some access permissions for users and devices.
Most computer systems should strive for a minimum of C2 security
certification, which deals mainly with auditing and authentication issues. All security-related events are audited. The login/password procedures provide certain
authentication. Encrypted passwords are
stored in a place inaccessible to an unprivileged user.
The Red Book
The Red Book was designed to extend the Orange Book evaluation classes
to trusted computer network systems. It
divides its criteria into two general categories: the Orange Book requirements
and other security services. For the first
category, the same rating system is used as in the Orange Book. The other services that are evaluated include
communications integrity, denial of service, and compromise protection.
Communication integrity services ensure accurate transmission of network
communications. Can messages be forged
or modified during transmission? Can
messages be repudiated by either the sender or receiver? The system must ensure that unauthorized
users cannot pretend to be another (masquerading) and that an
authorized user cannot record and resend a previously sent message (playback). Messages being transmitted cannot be changed
either deliberately or accidentally.
Steps must also be taken to ensure that the sender cannot deny sending a
message and the receiver cannot deny receiving the message.
Denial of service protection is important to ensure that the network
continues to function and that all needed services are available. This requires network support for good system
administration and facilities to prevent threats like worms and message
flooding. The network must continue to
work efficiently, even if components fail or if the network is under
attack. Any network problems should be
easily detected using the existing protocols.
The system needs to monitor network performance to detect any network
failures, inequities or network attacks.
Compromise protection ensures that information transmitted over the
network is kept secret from those not authorized to access it. Data characteristics need to be protected
from analysis by an intruder. For
example, knowledge that a lot of data is being transmitted between two
companies might be useful for a competitor.
Selective routing needs to be provided to avoid particular threats to
data from certain routes or systems.
To reiterate, not every system needs all this security. It is important to select just the right
amount of security for the network and to balance the amount of security with
the other needs of the users.
Security Features
Designing security for a computer network is very much like designing
security for a house. It usually
includes several layers of protection, often described as fences or sometimes called
firewalls. Just like a house may be
initially surrounded by a fence or wall with a locked gate, a computer system
also has a front-line defense. This is
called the identification and authentication system. The next layer of security in the house might
be the doors and windows that are used to screen out those who make it past the
front gate. In a computer system the
second line of defense can be thought of as the access control system which
limits access to the file system and devices for those who are authorized to
use them. The final defense in a house
might be the burglar alarm system. In a
computer the innermost line of defense is the encryption feature for disguising
the data. Other security features might
include a guard, hidden cameras and if all else fails insurance. Similarly in a computer network, we have
anti-virus software to protect us from viruses, audit trailing to watch for
incursions into the network by unauthorized individuals. And if all else fails, we have backup and
recovery facilities.
Identification and Authentication:
One of the easiest forms of identification and authentication to
implement is the login / password procedure.
Passwords are easy to use but also easy to misuse. Many computer users select passwords
that are not only easy to remember but also easy for an intruder to guess. Other users select a password that is so hard
to remember that they have to write it down where the intruder can find it.
Some rules of thumb for passwords include selecting a password that is
at least six characters long containing upper and lowercase letters, digits and
punctuation characters if possible. Pick
a password that can be easily memorized but not easily guessed. Don't share it with everyone. Don't use a common name or a word found in
the dictionary. These can be discovered
very rapidly. A password is useless if
someone else knows it. Passwords can
accidentally be divulged over time, so they should be changed periodically. In many security systems, you can set an
expiration date when the passwords must be changed. Many application software
packages also have password protection options for the data files, but few
individuals are using them.
Once passwords are used, they need to be hidden from prying eyes. The passwords should not be stored in a
plaintext table that can be inspected in the computer's memory or found on a
tape backup. Use one-way encryption to
hide the passwords. Do not allow the
user of the network to retry the login/password sequence more than three times.
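The three controls just described (the password rules of thumb, one-way storage, and a three-try limit) can be combined as follows. This is an added example, not code from the paper. It assumes salted PBKDF2-HMAC-SHA256 as the one-way function, a small constructed word list in place of a real dictionary, and a requirement of three of the four character classes; the class and function names are hypothetical.

```python
import hashlib
import hmac
import os
import string

MIN_LENGTH = 6            # the paper's rule of thumb
MAX_FAILURES = 3          # the paper's retry limit
PBKDF2_ROUNDS = 100_000   # assumption: work factor picked for this example
# Constructed stand-in for a dictionary and common-name list.
COMMON_WORDS = {"password", "secret", "welcome", "wayne", "malaysia"}


def password_problems(password):
    """Return the rule-of-thumb violations; an empty list means acceptable."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than %d characters" % MIN_LENGTH)
    classes = [
        any(c.islower() for c in password),
        any(c.isupper() for c in password),
        any(c.isdigit() for c in password),
        any(c in string.punctuation for c in password),
    ]
    if sum(classes) < 3:  # assumption: require three of the four classes
        problems.append("needs a mix of letter case, digits and punctuation")
    # Strip decoration such as "1!" so "Wayne1!" is still seen as "wayne".
    core = password.lower().strip(string.digits + string.punctuation)
    if core in COMMON_WORDS:
        problems.append("built on a common name or dictionary word")
    return problems


class PasswordStore:
    """Keeps only a salt and a one-way digest per user, never the plaintext."""

    def __init__(self):
        self._records = {}    # user -> (salt, digest)
        self._failures = {}   # user -> consecutive failed attempts

    @staticmethod
    def _digest(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt,
                                   PBKDF2_ROUNDS)

    def enroll(self, user, password):
        problems = password_problems(password)
        if problems:
            raise ValueError("; ".join(problems))
        salt = os.urandom(16)  # per-user salt: equal passwords, unequal digests
        self._records[user] = (salt, self._digest(password, salt))
        self._failures[user] = 0

    def login(self, user, password):
        """Return 'ok', 'denied' or 'locked'."""
        if self._failures.get(user, 0) >= MAX_FAILURES:
            return "locked"    # even the right password is refused now
        # Unknown users are checked against a dummy record, so the reply
        # and the work done do not reveal whether the account exists.
        salt, expected = self._records.get(user, (b"\0" * 16, b"\0" * 32))
        match = hmac.compare_digest(self._digest(password, salt), expected)
        if match and user in self._records:
            self._failures[user] = 0
            return "ok"
        self._failures[user] = self._failures.get(user, 0) + 1
        return "denied"

    def unlock(self, user):
        """Administrator action: clear the failure counter."""
        self._failures[user] = 0
```

A backup tape or memory dump of such a store exposes only salts and digests, and the lock has to be cleared by an administrator.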
Other types of identification and authentication include card-key
systems and key-pads with PIN numbers.
The most secure method is using unique characteristics like
fingerprints, voiceprints and eye-retina mappings. These are much more expensive to implement
and more difficult to use. If the
network is accessible via modem, a call-back system might be implemented. This
requires the computer to keep a list of phone numbers for each user that are
used to call the user back before allowing the user to logon.
Discretionary Access Control
The next level of protection is the Access Control System. Once the user has logged onto the computer
network, a pre-determined set of access rights are given to the user. ACS's selectively restrict access to files,
directories, floppy disk drives, and even external ports. These access rights are typically determined
by the systems administrator and are often maintained in a protected database
that should be encrypted. In many
environments including UNIX, file and directory access rights are kept in an inode (information node) which is
maintained with the file. For files and
directories, the ability to read, write and execute files can be
restricted. These restrictions can be
applied to the owner of the file, all other users or a pre-defined group of
users.
One additional concern is what happens to the protected device when the
user is finished. Can it be reused by
another user? If so, it must be
erased. For example, the memory block
area just used by one person needs to be overwritten to prevent the next person
from accessing the previous user's data.
In general, the rules for discretionary access control should be based
on a "need-to-know" for information and a "need-to-use" for
hardware and software devices. Don't
allow the user access to more than what the user needs.
Encryption
Data is the life-blood of the company.
The easiest way to protect the data is to hide it from prying eyes. Placing the data in an inaccessible directory
and making the file unreadable by others will keep it secure in most
cases. However if someone discovers your
password or gains access to your files in another way, they can read and write
to your file. In addition, the file has
been saved on a backup tape that could be compromised. Fortunately, there is an additional layer of
security. The file could be encrypted.
Encryption uses an algorithm that hides the meaning of the text [Fig. 3].
plaintext ----> |_______| ----> ciphertext ----> |________| ----> original plaintext
Figure 3
A good cryptographic algorithm should be simple to use by authorized
users but difficult and time consuming for non-authorized users to decrypt. The
security of the data should not depend on the secrecy of the algorithm. The efficiency and security of the algorithm
should not be data dependent.
As discussed earlier, it is essential that the password file be
encrypted. In addition, there should be
available facilities for encrypting files and data transmitted on the
network. The best technique for
encrypting data transmitted on a network is at the presentation or session
layer or its equivalent in the OSI. This
way data is encrypted before it reaches the transport layer and only the data
packets are encrypted and handled simply as data packets.
More programs are appearing that include and support encryption. Less than 40% of those surveyed in Malaysia by the author use encryption to hide
their data.
Anti-virus
Most viruses enter a network system through PCs. There are viruses that specifically attack
computer networks, but they are very few and not widespread YET. If your system contains PCs, your first line
of defense is anti-virus software or hardware on each client PC. If the client PC does become infected or if a
floppy disk on the client is infected,
most often the infection will stop there. In order for the virus to infect the server,
usually the client computer must be logged in as supervisor. In network software like NetWare, an attempt
by a virus to infect the server will usually result in either the virus being
disabled or NetWare being disabled but the server remains uninfected.
Problems can arise when the server acts as a file server and has no
protection on the executable programs residing on the file server. Programs that reside on the server but are executed
at the workstation may become infected.
These infected programs can then transmit the infection to all other
workstations executing the infected program.
In these environments, the virus can spread within seconds to all the
workstations. A solution to this is to
use an antivirus program like LanProtect that shields out attempts by viruses
to infect from a client to the server.
In addition, LanProtect comes with a scanner that can be programmed to
run at a given time each day. More
equally good anti-virus software for network servers is beginning to appear.
There are not many problems with computer viruses on UNIX based systems
although that may change in the future as the UNIX user-base increases. A related problem with many computer networks
is the other types of programs like Trojan horses and worms that can infect
computer network systems. There is no
software to protect against these kinds of infections, but the common rules of
network security outlined elsewhere in this section will help.
Audit Trailing
It is important to keep track of what is happening on the computer
system. If an intruder got into the
computer network, it is important to isolate when and where this happened. What did the intruder do? The intruder may be a person or even a
computer virus. To track this, it is
important that the security system keep an audit trail of all access attempts,
both successful and unsuccessful, to the objects identified by the system. The audit trail database needs to be secure
from modification, unauthorized access or deletion. Read-only access for the audit trail database
should be limited to systems administrators and security managers. The audit trail database should minimally
keep track of the following:
• all successful and unsuccessful resource access attempts
• system faults and restarts
• actions by systems and security administrators and operators
• diagnostically detected errors
• creation and deletion of objects
Each entry in the database should include the active user, event type,
the date/time of the event, and the
success or failure of the event.
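An audit trail with the four fields listed above can be made tamper-evident by chaining a keyed MAC through the entries. This is an added example, not code from the paper. The HMAC chain is one assumed way to meet the "secure from modification or deletion" requirement; the function names, the "object" and "seq" fields and all sample events are constructed.

```python
import hashlib
import hmac
import json

GENESIS = "0" * 64   # chain value that precedes the first entry


def _mac(key, prev_mac, fields):
    """MAC over the previous entry's MAC plus this entry's fields."""
    body = json.dumps(fields, sort_keys=True).encode()
    return hmac.new(key, prev_mac.encode() + body, hashlib.sha256).hexdigest()


def append_event(trail, key, user, event_type, timestamp, success, obj=""):
    """Append one entry: active user, event type, date/time, success/failure."""
    prev = trail[-1]["mac"] if trail else GENESIS
    fields = {"seq": len(trail), "user": user, "event": event_type,
              "time": timestamp, "success": bool(success), "object": obj}
    entry = dict(fields, mac=_mac(key, prev, fields))
    trail.append(entry)
    return entry


def verify_trail(trail, key, head=None):
    """Return the index of the first bad entry, or None if the trail is intact.

    `head` is the MAC of the newest entry as recorded somewhere the intruder
    cannot reach; without it, entries cut from the end go unnoticed.
    """
    prev = GENESIS
    for i, entry in enumerate(trail):
        fields = {k: v for k, v in entry.items() if k != "mac"}
        good = fields.get("seq") == i and hmac.compare_digest(
            entry.get("mac", ""), _mac(key, prev, fields))
        if not good:
            return i
        prev = entry["mac"]
    if head is not None and prev != head:
        return len(trail)
    return None


def failed_attempts(trail):
    """Count unsuccessful events per user, the first thing a reviewer checks."""
    counts = {}
    for entry in trail:
        if not entry["success"]:
            counts[entry["user"]] = counts.get(entry["user"], 0) + 1
    return counts


def sample_trail(key):
    """Constructed events covering the categories the audit trail must record."""
    trail = []
    events = [
        ("alice", "login", "1994-03-01T08:02:11", True, "console"),
        ("mallory", "login", "1994-03-01T23:40:02", False, "tty03"),
        ("mallory", "login", "1994-03-01T23:40:09", False, "tty03"),
        ("mallory", "file-read", "1994-03-01T23:41:30", False, "PAYROLL.DAT"),
        ("operator", "object-delete", "1994-03-02T07:15:00", True, "OLDLOG.TXT"),
        ("system", "restart", "1994-03-02T07:20:44", True, "server"),
    ]
    for user, event_type, when, success, obj in events:
        append_event(trail, key, user, event_type, when, success, obj)
    return trail
```

The MAC key and the recorded head value belong with the security manager, not on the audited system.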
Figure 4
People and Procedures
Computers do not commit crimes, write computer viruses or accidentally
delete files. Most of the problems
associated with computer security are people problems. These problems can generally be solved with
appropriate procedures. Establish a
computer security policy and educate the users about the procedures they are
expected to follow. A good computer
security program involves everyone in the organization from senior management
down. Over 50% of those surveyed [14]
state that their company has no computer security policy. It is important that computer users
understand the issues of computer security, computer ethics as well as the
legal issues involved in using a computer.
Figure 5
Procedures must be developed for using secure computing systems. Users must not leave computers unattended
without securing both the computer and any storage media. Printers should not be left unattended when
printing confidential information.
Secure all software and hardware with passwords and if possible lock and
key. It is ironic that 75% of those
surveyed [Figure 4] lock up their office supplies while over 50% [Figure 5
& 6] leave their software and data unsecured at night. Are paper clips and pencils more important
than our data?
Figure 6
Do not allow eating, drinking and smoking near the computers. Computer personnel in mainframe and
minicomputer environments recognized early the importance and necessity of
placing the computer and storage media in a clean environment. Unfortunately, this concern is lost when we
move to PCs and networks.
Figure 7
Backup
One of the most important procedures to establish is backup. Data and software can be lost due to a virus
attack, sabotage or by negligence. It is
necessary to have current backups to recover from the loss. Where should those backups be kept? Although most of those surveyed made regular
backups, over 40% keep the backups on site with the computer [Figure 7]. If a disaster were to suddenly strike the
computing facility, not only are the computer and original data lost, but so is
the backup. Mainframe computer personnel
have procedures for keeping two generations of backups. The first is kept on site while the second
generation of backups is kept in another building preferably far away. Network administrators need to follow these
procedures.
When backup is considered, it should not be limited to data and
software. There needs to be backups for
the hardware, people and procedures part of the computer system. Too often an entire network is brought down
because of the failure of one small link in the system. How many computer networks have a backup of
their essential hardware components available?
What happens to a computer system if a crucial employee is ill or leaves
the company immediately?
Figure 8
Contingency Planning
How long can you survive without
your computers? Studies have shown that
over 90% of the companies that suffered a "catastrophic loss" in
their computer systems never recover.
You must plan for the unlikely.
Unfortunately, of those surveyed, less than 40% have a disaster recovery
plan [Figure 8].
Malaysia is very fortunate in having at least three facilities available
for disaster recovery. One is the Computer
Recovery Facility in Kelana Jaya while another is the Computer Recovery
Center in Petaling Jaya. Both companies provide a security facility for
storing off-site backups. In addition
both companies provide both "cold site" (Shell) and "hot
site" facilities. The cold site
provides power/cooling and should be up and running within a week. The hot site is a complete hardware
facility and only requires that the
software and backups be installed before you can start operating.
An alternative to these facilities is to have your own hot or cold site
where all processing is mirrored so that you can recover immediately from a
disaster. Some companies will even share
facilities. Of course the disadvantage is cost. But then, how dependent are you on your
computer systems? Computer security does
not come cheap.
Gateway System
Although the LAN can be considered secure, it may be linked to other
networks. These may be other LANs or
WANs. In a simple network environment,
all interaction outside the trusted LAN might be considered as a single
security level. In this environment, a
gateway system or firewall computer is needed. This would separate the trusted system
from the untrusted systems or networks outside.
All communication between networks would take place through the gateway
computer that protects or insulates the LAN and security can be concentrated on
the gateway computer.
Brief Look at Two Networks
Novell Netware
Novell's Netware was submitted in
October 1992 for C2 evaluation. Since
its development, Netware security has been continually enhanced. It now provides for encrypting the password
from the workstation to the server across the network connections. Netware separates the user's profile (Trustee
Rights) from the database that contains the passwords and object identifications
(the Bindery). Most importantly, Netware
can be thought of as an operating system that is installed on a server
platform, takes control of that platform and prevents almost all unauthorized
attacks.
In addition, Netware provides a Transaction Tracking System (TTS) which
protects the bindery from becoming corrupted.
It ensures that a transaction will either be completely written to the
disk or backed out if incomplete. This
maintains the database integrity in case the network fails.
To ensure a secure system, the system administrator should:
• check the status of the hard disks periodically. This can be done with CHKVOL, CHKDIR and VOLINFO. In addition the VOL$LOG.ERR file should be monitored.
• use the SECURITY command. This provides information on the users that have supervisor rights as well as those who have access to the SYS:SYSTEM directory. It also identifies users with insecure or no passwords.
• use SYSCON to view the File Server Error Log. This will identify node addresses of workstations that are connected to the file server via RCONSOLE. It will also give the status of most of the key parts of the network.
• run USERLIST to monitor the users' login habits.
• use FILER to view the users' effective rights to files and directories.
• keep adequate backups. This must include the bindery and the directory trustee assignments.
• use SECURE CONSOLE. This will force loadable modules to be loaded only from SYS:SYSTEM. It will also prevent anyone from using the OS debugger and prevent anyone from modifying the date and time. In addition it removes DOS from the file server.
• Finally lock the file server console if it is not in a physically secure location.
UNIX
When UNIX was first designed, security was not a major concern. UNIX was
written by researchers at Bell Labs to be used in research environments. It is now being used by all parts of the
computing world and has become synonymous with Open Systems. Although not originally designed for security,
UNIX now comes with a great many security features that may be implemented. UNIX can provide a very secure computing
environment when it is managed correctly.
The reason that many suggest UNIX lacks security is that many security
features are either not implemented or implemented incorrectly.
UNIX is equipped with an adequate barrier for screening out unauthorized
access. UNIX uses a standard
login/password procedure. The passwords
are typically kept in the file /etc/passwd in encrypted form. To provide for additional security, UNIX can
be configured for C2 security that moves the passwords to an even more secure
location that can only be read by the supervisor. Unfortunately when UNIX is installed, many of
the standard accounts do not have passwords.
These include accounts root, nobody, daemon, bin and sync. This problem can be easily remedied. The first step is to install a good password
on the root account. Then insert * for
the password in the other accounts. This
prevents anyone from logging onto these accounts. The file /etc/passwd should be periodically checked
to ensure that there are no accounts without passwords.
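The periodic check of /etc/passwd described above can be automated along these lines. This is an added example, not code from the paper. It assumes the classic seven-field passwd format; the sample file content, including the hash strings, is constructed, and the function names are hypothetical.

```python
SYSTEM_ACCOUNTS = {"nobody", "daemon", "bin", "sync"}  # named in the paper

# Constructed sample in passwd format: name:passwd:uid:gid:gecos:home:shell
SAMPLE = """\
root:Xk3mQ9aLp0ZtE:0:1:Operator:/:/bin/csh
nobody:*:65534:65534::/:
daemon::1:1::/:
bin:aB1cD2eF3gH4i:3:3::/bin:
sync::1:1::/:/bin/sync
guest::100:100:Visitor:/home/guest:/bin/sh
alice:Zq8wE7rT6yU5i:101:100:Alice:/home/alice:/bin/sh
broken-line-without-fields
"""


def parse_passwd(text):
    """Split passwd text into entries and the line numbers that do not parse."""
    entries, malformed = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        fields = line.split(":")
        if len(fields) != 7:
            malformed.append(lineno)
            continue
        entries.append({"line": lineno, "name": fields[0], "passwd": fields[1]})
    return entries, malformed


def audit_passwd(text):
    """Return sorted (line, account, issue) findings."""
    entries, malformed = parse_passwd(text)
    findings = [(n, "?", "malformed entry") for n in malformed]
    for entry in entries:
        if entry["passwd"] == "":
            # An empty second field lets anyone log in without a password.
            findings.append((entry["line"], entry["name"], "no password"))
        elif (entry["name"] in SYSTEM_ACCOUNTS
              and not entry["passwd"].startswith("*")):
            findings.append((entry["line"], entry["name"],
                             "system account not locked with *"))
    return sorted(findings)


def lock_system_accounts(text):
    """Return the text with * as the password of each standard account."""
    out = []
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) == 7 and fields[0] in SYSTEM_ACCOUNTS:
            fields[1] = "*"   # no password hashes to "*", so login is refused
        out.append(":".join(fields))
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    for line, name, issue in audit_passwd(SAMPLE):
        print("line %d: %s: %s" % (line, name, issue))
```

On a system that keeps hashes in a separate protected file, the second field holds a marker rather than a hash, and the same empty-field check should be run against that file.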
There should be one password administrator (usually the systems
administrator). Users must be required
to set passwords when they are given accounts.
Password aging should be enabled.
This requires that after a fixed amount of time, the user must replace
their password. If there are guest
accounts for vendors and visitors, change the passwords frequently. When employees leave or are transferred,
delete their accounts immediately. Logins
without passwords should never be allowed. Employees should be encouraged to use good
passwords.
UNIX provides a rich amount of discretionary access control. Every file and directory can be restricted
for reading, writing and executing. The
permissions can be granted to the owner of the file, everyone, or a pre-defined
group of users. Unfortunately, the
default permissions allow everyone to read and execute every newly created file
and directory. This can and should be
changed by using an umask which restricts the permissions to only allow
the owner to read, write and execute the file.
These permissions may still be changed but only by the owner of the file
or the supervisor. The public
directories /, /bin, /usr/bin, /etc, and /var should not allow for public write
permission. In addition each user's home
directory as well as .profile and .login files should be owned by the user and
should have write permission only for that user.
Restrictions need to be placed on devices. No public access should be allowed to
"raw" disk devices or terminal devices on a serial line. No access should be allowed to /dev/mem and
/dev/kmem. These files provide access to
the computer's memory and could allow the user to access other users' data.
UNIX provides several levels of encryption. The passwords are encrypted and placed in
either the /etc/passwd file or /etc/security/passwd.adjunct if C2 security is
used. UNIX uses a one-way encryption
scheme, so the stored passwords cannot be decrypted.
UNIX also provides several levels of encryption for files. Most versions of UNIX come with a
program, crypt, that requires a key
from the user. For more secure
encryption, many versions of UNIX also provide DES encryption.
UNIX provides a wide range of audit trail features. Using the audit facilities, the supervisor can determine who
is performing what operations, what operations are occurring with unusual
frequency, and who is performing abnormal operations. The file /usr/adm/wtmp keeps track of all
logins and logouts. /usr/adm/sulog does
the same for the supervisor logins. The file /etc/dumpdate holds the date of
the most recent dump and should be checked periodically. The file /var/adm/messages contains all the
messages sent to the system and should be checked frequently.
The programs du and df are useful to run. du lists
the current disk usage while df monitors the file system usage. These are important and should be run at
least daily to prevent disasters like full disk space. w is also useful to run. Besides listing all users, w also
lists the users' activities. The iostat program will detail all the
traffic to filestores, terminals and tape devices while the netstat
program will detail the status of network activities. The supervisor should monitor the access control
on files and directories by periodically using ls -al to list all the
files. Particular attention should then
be paid to the permissions, the owner and the last date of
access. To ensure a secure system, the
system administrator should:
• Keep backups in a secure location offsite.
• Don't leave a workstation unattended. Use lockscreen or log out.
• Limit the number of supervisors to as small a number as possible.
• Never log in as root. If needed, use /bin/su - (not just su).
• Do not mark the server (console) as secure in /etc/ttytab. This
will require that anyone booting the system as single-user must enter the root
password. It will also prevent a user from logging in as root. The user must
instead use su, which will then be recorded.
• Place the system operators in the operator group. This
way they can still do dump, restore and shutdown without having su privileges.
• To minimize the threat of Trojan horses, all accounts should have the current
directory at the end of the search path. The search path for su
should not include the current directory at all.
• Don't run other users' programs as root. Copy them to a user
account first and then run them.
• Prevent users from imitating the login process by allowing the login command
to be executed only by root.
• ed, vi and write should not be root owned, to prevent the ! escape from
returning to the "super user" shell.
• Restrict access to the mount command.
• Don't put anything in /tmp or /var/tmp that you don't want others to read.
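The search-path rule in the list above can be checked mechanically. The following is an added example, not code from the original paper; the function names and sample paths are constructed. It also treats an empty path component (a leading or trailing colon, or two adjacent colons) as the current directory, which is how the shell interprets it.

```shell
#!/bin/sh
# Added example: classify where the current directory appears in a search path.
# An empty component means the current directory, exactly like an explicit ".".
path_cwd_position() {
    # $1 = search path string; prints one of: none, last, early
    PATH_TO_CHECK="$1" awk 'BEGIN {
        n = split(ENVIRON["PATH_TO_CHECK"], part, ":")
        pos = "none"
        for (i = 1; i <= n; i++)
            if (part[i] == "" || part[i] == ".")
                pos = (i == n && pos != "early") ? "last" : "early"
        print pos
    }'
}

# Apply the rule from the list: ordinary accounts may have the current directory
# only as the last entry; the path used by su (root) may not have it at all.
path_ok() {
    # $1 = "user" or "root", $2 = search path; exit status 0 means acceptable
    case "$(path_cwd_position "$2")" in
        none) return 0 ;;
        last) [ "$1" = "user" ] ;;
        *)    return 1 ;;
    esac
}

# Constructed sample search paths (not from a real system).
demo_paths() {
    for p in '/usr/ucb:/bin:/usr/bin:.' '.:/bin:/usr/bin' '/bin::/usr/bin' \
             '/bin:/usr/bin:' '/bin:/usr/bin'; do
        for who in user root; do
            if path_ok "$who" "$p"; then verdict=ok; else verdict=FAIL; fi
            printf '%-5s %-26s %-5s %s\n' "$who" "$p" \
                "$(path_cwd_position "$p")" "$verdict"
        done
    done
}

demo_paths
```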
Recommendations
Cautions
Review the system's vulnerabilities.
If there are holes, plug them up.
Check the integrity of the file system.
Keep backups and secure them offsite.
Monitor the users and their access rights. Use the auditing features of the computer
network system. When new software is
purchased, test it thoroughly before installing it.
Awareness
Implement a security awareness program.
Before we can expect our employees to comply with the company's
policies, they must first be made aware of the requirements. Don't just write down the rules and
regulations; spread the word. And keep
spreading it. Security awareness is not
a one-time deal. It must be
reiterated. Employees must be exposed to
security issues on a regular and continuous basis.
Computer Security Day 1993
December 2nd is International Computer Security Day, 1993. Computer Security Day began in 1988 and
recognition of it is growing yearly.
"Improving Awareness" is the theme this year. Next year's theme will be "Individual
Responsibility." Below is a list of
suggested ways you may participate in Computer Security Day:
1. Display computer security posters.
2. Present computer security briefings.
3. Change your password.
4. Check for computer viruses.
5. Modify the logon message on your computer system to notify users that
Computer Security Day is December 2nd.
6. Vacuum your computer and the immediate area.
7. Clean the heads on your disk drives or other magnetic media drives.
8. Back up your data (after being certain that it is virus-free).
9. Delete unneeded files.
10. Demonstrate computer security software.
11. Publicize existing computer security policy.
12. Issue new and improved computer security policy.
13. Announce COMPUTER SECURITY DAY in your internal newsletter.
14. Examine the audit files on your computer.
15. Verify that the "Welcome" message that is normally used on
your computer is appropriate for your organization.
16. Put write-protect tabs on all diskettes that are not to be written
to.
17. Take the write-protect rings out of the tapes in your library.
18. Verify your inventory of computer applications.
19. Verify your inventory of computer utilities and packaged software.
20. Verify your inventory of computer hardware.
21. Install and inspect power surge protection as appropriate.
22. Install fire/smoke detection and suppression equipment in computer
areas.
23. Eliminate dust from computer areas.
24. Provide dust and water covers for personal and larger computers.
25. Post "No Drinking" and "No Smoking" signs in
computer areas.
26. Develop a recovery plan for all computer systems that require one.
27. Verify that passwords are not "Posted" and all other keys
are secured.
28. Verify that backup power and air conditioning fit your needs.
29. Have a mini training session to provide all computer users with a
basic understanding of computer security.
30. Verify that all source code is protected from unauthorized changes.
31. Verify that each computer has a trouble log and that it is being
used.
32. Verify that appropriate off-site storage exists and is being used.
33. Remove all unnecessary items such as extra supplies, coat racks, and
printouts from the computer room.
34. Select a computer system on which to perform a risk analysis.
35. Begin planning for next year's COMPUTER SECURITY DAY.
36. Change the FORMAT command in DOS to avoid accidental formatting of
disks.
37. Hold a discussion of ethics with computer users.
38. Volunteer to speak about computer security at a local computer club.
39. Register and pay for all commercial software that is used on your
computer.
40. Register and pay for all shareware software that you use regularly.
41. Install all security-related updates to your computer's operating
system.
42. Help a computer novice back up their files.
43. Consider the privacy aspect of the data on your computer and protect
it.
As computers and networks become a part of our work, it becomes
imperative that we safeguard the information contained within the system. It is going to require much work on everyone's
part to ensure the security of the computer network system and its data. DO YOUR PART!
References
1. Carlson, Richard E.,
"Novell Netware and C2 security",
Computer Fraud and Security Bulletin , pp. 5-10, March 1993.
2. Cobb, Stephen, PC and LAN
Security , TAB Books, Blue Ridge Summit, PA, 1992.
3. Computer Fraud &
Security Bulletin , "PC Based Network Security Some Practical
Advice", pp. 6-12, July 1992.
4. Fites, Philip E., Kratz, Martin P.J. and Brebner, Alan F., Control
and Security of Computer Information Systems , Computer Science Press,
Rockville (MD), 1989.
5. Murray, Bill, "Local Area
Networks - Security and access control", Computer Fraud and Security
Bulletin , pp. 10-15, December, 1992.
6. Peltier, Thomas, "Information Security Awareness",
Computer Fraud and Security Bulletin , pp. 10-17, Feb. 1992.
7. Pfeeger, Charles P., Security in Computing, Prentice- Hall,
Englewood Cliffs (NJ), 1989.
8. Rentell, Michael,
"Security Management of Distributed UNIX Systems", Computer Fraud
and Security Bulletin , pp. 7-9, September, 1992.
9. Seymour, Thomas,
"Computer Viruses and the Computer Network", Proceedings of the
International Association for Computer Information Systems , Las Vegas, NV.
Oct. 1993.
10. Solomon, Alan, "PC Access Control Systems, How to choose and
use them", Computer Fraud and Security Bulletin , pp. 7-10,
December 1992.
11. Stoll, Cliff, The Cuckoo's Egg: Tracing a Spy Through the Maze of
Computer Espionage , Doubleday, New York (NY), 1989.
12. Summers, Wayne C. seminar notes for "Computer Security,
Computer Crime and Combatting Computer Viruses," April 1993.
13. Summers, Wayne, Zaidah Ibrahim and Naimah Mohd. Hussin, COMPUTER
VIRUSES, Federal Publications, Malaysia, 1993.
14. Summers, Wayne C. "Computer Security in Malaysia" ,
Proceedings of the National Conference in Information Technology '93,
September 1993, Kuala Lumpur, Malaysia.
15. SUN Microsystems Manual,
"Systems Administration Procedures", March 1990.
16. Swain, Nick, "Controlling Network Security in a Multivendor
Environment", Computer Fraud and Security Bulletin , pp. 6-10,
August 1993.